[main]
    # The Puppet log directory.
    # The default value is '$vardir/log'.
    logdir = /var/log/puppet

    # Where Puppet PID files are kept.
    # The default value is '$vardir/run'.
    rundir = /var/run/puppet

    # Where SSL certificates are kept.
    # The default value is '$confdir/ssl'.
    ssldir = $vardir/ssl

    # The search path for modules.
    # The default value is '$confdir/modules'
    modulepath = <%= @modulepath %>

<% @environments.each do |envr| -%>
[<%= envr %>]
    <% if @envmanifest.to_s =~ /true/ %>manifest = $confdir/environments/<%= envr %>/manifests/site.pp<% else %>manifest = $confdir/manifests/site.pp<% end %>

<% end -%>
[agent]
    # The file in which puppetd stores a list of the classes
    # associated with the retrieved configuration. Can be loaded in
    # the separate ``puppet`` executable using the ``--loadclasses``
    # option.
    # The default value is '$confdir/classes.txt'.
    classfile = $vardir/classes.txt

    # Where puppetd caches the local configuration. An
    # extension indicating the cache format is added automatically.
    # The default value is '$confdir/localconfig'.
    localconfig = $vardir/localconfig

    # The environment Puppet is running in.
    # For servers (i.e. puppet master) this provides the default
    # environment for nodes we know nothing about.
    # The default value is 'production'.<% 
  if scope.lookupvar('agentenv').length > 0
    # if agentenv is set up, use that
    curenv = agentenv
  else
    # else use environment, or if environment is not set, fall back to 'production' as default
    curenv = scope.lookupvar('environment').length > 0 ? scope.lookupvar('environment') : 'production'
  end
%>
    environment = <%= curenv %>
<% if @cert_name != @fqdn -%>

    # The locally unique name for this node.
    # (if you aren’t using DNS names)
    certname = <%= @cert_name %>
<% end -%>

[master]<% if @storeconfigs.to_s =~ /true/ %>
    # Whether to store each client's configuration, including catalogs,
    # facts, and related data. This also enables the import and export
    # of resources in the Puppet language - a mechanism for exchange
    # resources between nodes.
    # The default value is 'false'
    storeconfigs = <%= @storeconfigs %><% if @dbadapter =~ /sqlite3/ %>

    # Type of database to use for storeconfigs
    # The default value is 'sqlite3'
    dbadapter = <%= @dbadapter %>

    # The database cache for client configurations.
    dblocation = $statedir/clientconfigs.sqlite3
<% elsif @dbadapter =~ /postgresql|pgsql|mysql/ %>

    # Type of database to use for storeconfigs
    # The default value is 'sqlite3'
    dbadapter = <%= @dbadapter %>

    # The name of the database to use.
    # The default value is 'puppet'
    dbname = <%= @dbname %>

    # The database user for caching. Only used for networked databases.
    # The default value is 'puppet'
    dbuser = <%= @dbuser %>

    # The database password for caching. Only used for networked databases.
    # The default value is 'puppet'
    dbpassword = <%= @dbpassword %>

    # The database server for caching.
    # The default value is 'localhost'
    dbserver = <%= @dbserver %>
<% elsif @dbadapter =~ /puppetdb/ %>

    # Configure the backend terminus used for StoreConfigs. By default,
    # this uses the ActiveRecord store, which directly talks to the
    # database from within the Puppet Master process.
    storeconfigs_backend = puppetdb<% end %><% end %>
<% if @server_type =~ /^httpd|^apache/ %>
    # The header containing an authenticated client´s SSL DN. This
    # header must be set by the proxy to the authenticated client´s
    # SSL DN (e.g., /CN=puppet.puppetlabs.com).
    ssl_client_header = SSL_CLIENT_S_DN

    # The header containing the status message of the client verifica-
    # tion. This header must be set by the proxy to ´SUCCESS´ if the
    # client successfully authenticated, and anything else otherwise.
    ssl_client_verify_header = SSL_CLIENT_VERIFY<% end %>
